Displaying 20 results from an estimated 2000 matches similar to: "[Bug 1486] New: Improperly used buffer during KEX"
2003 Oct 08
4
OS/390 openssh
Hello Steve, Hello OpenSSH-portable developers,
I am building OpenSSH for our (EBCDIC-based) BS2000 mainframe
operating system, and I noticed you do the same for OS/390.
Because my initial ssh port was based on IBM's OSS port (ssh-1.2.2
or some such), I thought it was fair enough to help with a little
co-operation; we might come up with a unified EBCDIC patch which could
be contributed to
2008 Jul 12
2
[Bug 1487] New: Race condition between monitor and unprivileged child in sshd
https://bugzilla.mindrot.org/show_bug.cgi?id=1487
Summary: Race condition between monitor and unprivileged child
in sshd
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.0p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
2013 Jun 25
1
RFC: encrypted hostkeys patch
Hi,
About a year and a half ago I brought up the topic of encrypted hostkeys
and posted a patch
(http://marc.info/?l=openssh-unix-dev&m=132774431906364&w=2), and while the
general reaction seemed receptive to the idea, a few problems were pointed
out with the implementation (UI issues, ssh-keysign breakage).
I've finally had some spare time in which to get back to this, and I've
2008 Sep 15
0
No subject
hello..
i am running openssh-3.7.1p2. on linux.It is working successfully..and daemon is running &client also connecting.But the problem is with the mips architecture when i connecting this server from remote syytem.?i got an error of buufer_get:trying to get more bytes 1 than buffer0.And client is not connecting from remote system.My out is as follows on my server
?in sshd main
before
2008 Sep 18
2
SSHD_PROBLEM
hello..
i am running openssh-3.7.1p2. on linux.It is working
successfully.and daemon is running &client also connecting.But the
problem is with the mips architecture when i connecting this server
from remote syytem. i got an error of buufer_get:trying to get more
bytes 1 than buffer0.And client is not connecting from remote system.My
out is as follows on my server
in sshd main
before
2010 Jul 23
1
Sending files from mobile to CentOS via Bluetooth
Has anyone here managed to send files from a mobile phone to a CentOS
system via Bluetooth? I'm trying with a Samsung E1310, using the GNOME
tools, but can't get it to work. I can send files from the Linux box to
this phone using the Nautilus bluetooth plugin
(nautilus-sendto-bluetooth), and have also managed to "pull" some data
I've been trying to send, via
2005 Jul 26
1
Linux in-kernel keys support
Hi all,
I recently made a patch to openssh 4.1p1 to allow it to use the
in-kernel key management provided by 2.6.12 or later Linux kernels.
I've attached the patch (which is still only a proof-of-concept, for
instance its very verbose right now) to this mail.
Now, my question is, is this a completely insane idea and would (a later
version of) the patch have a chance of making it into the
2001 Oct 24
2
disable features
this (uncomplete) patch makes various features compile time
options and saves up to 24K in the resulting
ssh/sshd binaries. i don't know whether this
should be added to the CVS since it makes
the code less readable.
perhaps WITH_COMPRESSION should be added, since
it removes the dependency on libz
-m
Index: Makefile.inc
===================================================================
RCS
2024 Feb 05
6
[Bug 3663] New: KEX host signature length wrong since strict kex introduced
https://bugzilla.mindrot.org/show_bug.cgi?id=3663
Bug ID: 3663
Summary: KEX host signature length wrong since strict kex
introduced
Product: Portable OpenSSH
Version: 9.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: major
Priority: P5
Component: sshd
2002 Jan 27
0
IdentityFile patch
By the way, I noticed in the previous IdentityFile patch I forgot to
expand tilde. I fixed this by making the change in ssh.c instead of
readconf.c, which is probably where it belongs, as far as the existing code
is concerned:
diff -ur openssh-3.0.2p1/auth.c openssh-3.0.2p1I/auth.c
--- openssh-3.0.2p1/auth.c Sun Nov 11 17:06:07 2001
+++ openssh-3.0.2p1I/auth.c Sun Jan 27 12:05:14 2002
@@ -44,7
2002 Jan 27
1
[PATCH] Add user-dependent IdentityFile to OpenSSH-3.0.2p1
Here is a patch to allow private key files to be placed system wide (for
all users) in a secure (non-NFS) mounted location on systems where home
directories are NFS mounted. This is especially important for users who use
blank passphrases rather than ssh-agent (a good example of where this is
necessary is for tunnelling lpd through ssh on systems that run lpd as user
lp).
IdentityFile now accepts
2003 Jan 18
0
[Patch] User-dependent IdentityFile
Here is the user-dependent IdentityFile patch for openssh3.5 (BSD version),
which allows private key files to be placed system wide (for all users) in
a secure (non-NFS) mounted location.
This addresses an important security hole on systems where home directories
are NFS mounted, particularly if there are users who use blank passphrases
(or when lpd is tunneled through ssh on systems running lpd
2006 Nov 01
0
No subject
interacts with the telnet/rlogin server on AIX. The previous entries
about this only starting at ML03 and above seem to be correct. The bug
is not triggered in earlier versions of AIX.
Unfortunately, I have been unable to create a test case program that
causes the hang to occur. However, a simple hack to channels.c does
seem to fix the problem:
--- channels.c.orig Tue Jul 2 14:34:32 2002
+++
2001 May 08
1
New kex organisation and user options.
I'm in the process of updating my GSSAPI patches to the 2.9 release. However,
I've run into a slight problem with managing to get user options to play
nicely with the way that the kex code is now organised.
With the GSS kex its possible for the user to specify whether they want to
delegate their credentials to the server or not. This option is used only on
the client side (and so is
2008 Jun 28
1
KEX graceful failure
Dear all,
I am currently implementing an experimental key exchange (KEX) algorithm.
Unlike current algorithms like DH, mine needs to be able to fail gracefully,
and in case of failure, continue with whatever algorithm would have been
negotiated if mine was not selected.
My strategy for graceful failure is to remove my KEX algorithm from
myproposal[KEX_DEFAULT_KEX] and to initiate a new key
2000 Jan 19
3
AIX openssh patches
I have a few patches for AIX. The patchfile is attached below. The patch
has been tested on AIX4.2 and AIX4.3. The patch is on openssh-1.2.1pre25,
with openssl-0.94, using RSAref.
1) authenticate support - this function allows the system to determine
authentification. Whatever the system allows for login, authenticate
will too. It doesn't matter whether it is AFS, DFS, SecureID, local.
2014 Jan 24
3
[Bug 2198] New: GSSAPIKeyExchange gssapi-keyex bug in kex.c choose_kex()
https://bugzilla.mindrot.org/show_bug.cgi?id=2198
Bug ID: 2198
Summary: GSSAPIKeyExchange gssapi-keyex bug in kex.c
choose_kex()
Product: Portable OpenSSH
Version: 6.4p1
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Kerberos support
2003 Feb 06
2
kex guess methods incorrect?
Hey guys,
My second post in the last few days (boy I'm active! ;)). We've had a
few issues with SSH Secure Shell version 3.2.0 (build 267) and sftp and
while trying to figure it out I noticed something in the debug output
that I think should be brought to OpenSSH's attention.
Ssh2Transport/trcommon.c:1518: All versions of OpenSSH handle kex
guesses incorrectly.
Does anyone know
2023 Dec 20
0
Feature Request: new "Require Strict-KEX" c/s option
Hello,
since one currently (after the 9.6 release addressing terrapin with
strict-kex) cant be sure that strict KEX mode is negotiated (it depends
on the capabilities of the partner), and the mitigation for that is to
disable most modern/alternative ciphers and MAC modes -
I would suggest you offer the option to enforce strict-kex mode as a server
config as well as a per-host config in the
2014 Oct 10
3
[Bug 2291] New: ssh -Q kex lists diffie-hellman-group1-sha1 twice
https://bugzilla.mindrot.org/show_bug.cgi?id=2291
Bug ID: 2291
Summary: ssh -Q kex lists diffie-hellman-group1-sha1 twice
Product: Portable OpenSSH
Version: 6.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: sftp-server
Assignee: